What's new

Asuswrt-Merlin - custom build of the Asus RT-N66U firmware

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Hi Rmerlin

Upgraded to 3.0.0.3.162.13 for my RTN66U, notice under tools and other settings, we can save traffic history to local RAM default, how can we call this log out from from the web. And under the USB application, can we run OpenVPN on optware? pardon me on the noob question as I am new to this router and the feature is nice to explore.thanks in advance
 
RMerlin,

New sysinfo page in next release is gonna be a great addition, will it have wireless connected clientes status, rssi, noise, those kind of things?

I was able to compile your source about ten days back successfully but with the latest updates it gets stuck compiling minidlna throwing me back an error. I've recloned your source but it keeps stopping at the same point.
 
Hi Rmerlin

Upgraded to 3.0.0.3.162.13 for my RTN66U, notice under tools and other settings, we can save traffic history to local RAM default, how can we call this log out from from the web. And under the USB application, can we run OpenVPN on optware? pardon me on the noob question as I am new to this router and the feature is nice to explore.thanks in advance

The traffic history is what is displayed by the Traffic Manager -> Traffic Monitor tab.

OpenVPN can be installed through optware, but you will have to do it through telnet, and I can't help you with the details since I never used OpenVPN. I can confirm that it's doable, I've seen a few reports of people on forums who have done it. You won't have any web interface to configure it however, it will all be done through the shell.
 
RMerlin,

New sysinfo page in next release is gonna be a great addition, will it have wireless connected clientes status, rssi, noise, those kind of things?

I was able to compile your source about ten days back successfully but with the latest updates it gets stuck compiling minidlna throwing me back an error. I've recloned your source but it keeps stopping at the same point.

Better wireless info is something I have in mind, but I'm undecided yet on the implementation. I want to either add it to the new Sysinfo page (would be easier for me to maintain) or update Asus's existing Wireless page (which would be more logical, but harder to maintain with new releases).

I've had another report about a similar issue with building since the minidlna upgrade. I need to test a fresh clone to see if I missed a file, or it's just a depency change for MiniDLNA.

For those wondering what's the sysinfo page we're talking about, a sneak preview:

http://www.lostrealm.ca/temp/asuswrt-sysinfo.png
 
RMerlin,

New sysinfo page in next release is gonna be a great addition, will it have wireless connected clientes status, rssi, noise, those kind of things?

I was able to compile your source about ten days back successfully but with the latest updates it gets stuck compiling minidlna throwing me back an error. I've recloned your source but it keeps stopping at the same point.

A fresh cloning successfully built here, so I suspect it's a dependency issue on your OS (I saw one other person with the same issue since the MiniDLNA update).

The only possible hint I can see in MiniDLNA's changelog is the author updated it so it can compile against newer version of libavformat. I don't have any of the libav* or ffmpeg packages installed on my development VM, so try removing any you might have installed in case they conflicted.

My VM is based on Ubuntu 10.04 LTS 64-bit.
 
Better wireless info is something I have in mind, but I'm undecided yet on the implementation. I want to either add it to the new Sysinfo page (would be easier for me to maintain) or update Asus's existing Wireless page (which would be more logical, but harder to maintain with new releases).

I've had another report about a similar issue with building since the minidlna upgrade. I need to test a fresh clone to see if I missed a file, or it's just a depency change for MiniDLNA.

For those wondering what's the sysinfo page we're talking about, a sneak preview:

http://www.lostrealm.ca/temp/asuswrt-sysinfo.png

Looking nice ;).

If your local source compiles without errors, not that I fully understand git, when you push your commited changes does it not push everything making you local and remote source the same?

Edit: You've update minidlna, have you thought about updating other sources to more recent releases?, dnsmasq & miniupnp come to mind :rolleyes:.

I had a look at dnsmasq and apart from some specific Asus changes to the original source they left some of Teddy Bears (original Tomatousb author) code in there that seems to do nothing in Asus builds.
 
Last edited:
Looking nice ;).

If your local source compiles without errors, not that I fully understand git, when you push your commited changes does it not push everything making you local and remote source the same?

Edit: You've update minidlna, have you thought about updating other sources to more recent releases?, dnsmasq & miniupnp come to mind :rolleyes:.

I had a look at dnsmasq and apart from some specific Asus changes to the original source they left some of Teddy Bears (original Tomatousb author) code in there that seems to do nothing in Asus builds.

When I push to git, it will push anything that I have added to the repo and that isn't in a gitignore list. That's why I tested with a "git clone", which basically downloads a copy from github into a new directory, allowing me to confirm if I forgot to push any file to Git. So, I can confirm that everything needed is on Github.

I don't want to blindly update everything to newer versions unless there's a specific reason to do so, such as fixing a crashing or security issue. The reasons:

  • Some of these programs have been modified to interface with the rest of the firmware code. Those patches can sometimes be harder to reapply on newer code. In MiniDLNA's case they were trivial.
  • New doesn't necessarily mean better in this specific usage scenario (a router). Newer features wouldn't be used by the router, and they might have higher memory/CPU usage, so in the end it's a step back rather than an improvement
  • Newer versions might require changes to the rest of the firmware if options or command line syntax has changed

I updated MiniDLNA because it resolved some crashing issues, and also because I knew the patches were trivial to re-implement.

In Dropbear's case, it was a matter of security, and also because I knew it was unmodified code that Asus doesn't use by default.

The versions included have been tested by Asus (and Tomato) devs and users over the past years. An update would get tested by a single person (me). I have more faith in the result of a few hundred people that have been testing an older version for years than in my own personal test over the course of a few days :)
 
hello, i'm new to the whole firmware deal and i was wondering if your builds include the fixes that asus provides in their .162 build? sorry for the newbie question.
 
hello, i'm new to the whole firmware deal and i was wondering if your builds include the fixes that asus provides in their .162 build? sorry for the newbie question.

Yes. All my changes are made on top of Asus's build 162 sources for this latest build.
 
How do we access/enable the L7 QOS rules in your build?

You have to manually create iptable entries that make use of them and put them in the firewall-start script. The Asus UI doesn't support them.
 
I just set up my new RT-N66U yesterday and installed your custom build firmware (thanks!). Everything seems to be working great and I have duplicated everything I needed to coming over from Tomato, except for 2 minor things:

1. ZoneEdit Dyanmic DNS Question and/or Request

I use ZoneEdit for Dynamic DNS updating and it has worked great for me over the years, no issues. The N66U supports it natively, which is great, but can you confirm if it uses SSL? I would rather not have my login/pw being sent over plain text. If it doesn't, would it be possible to add a flag (or better yet, force SSL)? According to the API, it looks like you just need to use HTTPS instead of HTTP.

21) What are the specs of the dynamic update request?
Simply make a standard HTTP request:
- URL: http://dynamic.zoneedit.com/auth/dynamic.html
- REQUIRES BASIC AUTHENTICATION
- REQUIRES PARAM: -> 'host' contains a comma-delimited list of hosts that have IP addresses. This parameter may be *.domain.com to update a wildcard A-record.
- OPTIONAL PARAM: 'dnsto' -> change to the IP specified instead of the client IP. This parameter may be 0.0.0.0 to force the domain offline.
- OPTIONAL SSL: https (SSL) may be used for added security, if needed.
- OPTIONAL PARAM: 'park=1' -> directs the hosts to the zoneedit parking server - and parks the domain with a default 'Be Right Back' page.
- EXAMPLE: http://dynamic.zoneedit.com/auth/dynamic.html?zones=myzone.com
- EXAMPLE: http://dynamic.zoneedit.com/auth/dynamic.html?host=mail.myzone.com&dnsto=1.2.3.4
The response page returns the following information:
- <ERROR CODE="[701-799]" TEXT="Description of the error" ZONE="Zone that Failed">
- <SUCCESS CODE="[200-201]" TEXT="Description of the success" ZONE="Zone that Succeeded">
Failure by the server to respond should be considered as "Error code 700, failed to respond for ALL zones".


2. Port Forwarding GUI enable/disable.

This is a very minor difference, but I miss it from Tomato. Definitely not a deal breaker, but thought I'd mention it regardless.

In Tomato I was able to enable/disable a port forwarding rule instead of actually deleting and then reentering it. Unless I'm missing something (only played with the GUI for a little while), this doesn't look possible in the custom firmware. So in the future, assuming this isn't a big deviation from the stock firmware source, it would be great to have this ability.

Thanks again for all the work you've done, greatly appreciated.
 
1. ZoneEdit Dyanmic DNS Question and/or Request

I use ZoneEdit for Dynamic DNS updating and it has worked great for me over the years, no issues. The N66U supports it natively, which is great, but can you confirm if it uses SSL? I would rather not have my login/pw being sent over plain text. If it doesn't, would it be possible to add a flag (or better yet, force SSL)? According to the API, it looks like you just need to use HTTPS instead of HTTP.

Asuswrt uses ez-ipupdate, like many other routers (including Tomato). ez-ipupdate does not support SSL.

If you want an alternative, Optware has ddclient, inadyn and updatedd available. No idea if any of these support SSL, and you will have to configure them manually. They also won't be as tightly integrated into the firmware, so they will have to rely on periodic IP checks.

2. Port Forwarding GUI enable/disable.

This is a very minor difference, but I miss it from Tomato. Definitely not a deal breaker, but thought I'd mention it regardless.

In Tomato I was able to enable/disable a port forwarding rule instead of actually deleting and then reentering it. Unless I'm missing something (only played with the GUI for a little while), this doesn't look possible in the custom firmware. So in the future, assuming this isn't a big deviation from the stock firmware source, it would be great to have this ability.

Unfortunately, this would require quite a few changes in the code (in addition to the webui), which would then be difficult to port whenever a new firmware version is released by Asus. This would also probably break backward compatibility with Asus's firmware as it would require changing the storage format for forwarded ports.
 
I just set up my new RT-N66U yesterday and installed your custom build firmware (thanks!). Everything seems to be working great and I have duplicated everything I needed to coming over from Tomato, except for 2 minor things:

1. ZoneEdit Dyanmic DNS Question and/or Request

I use ZoneEdit for Dynamic DNS updating and it has worked great for me over the years, no issues. The N66U supports it natively, which is great, but can you confirm if it uses SSL? I would rather not have my login/pw being sent over plain text. If it doesn't, would it be possible to add a flag (or better yet, force SSL)? According to the API, it looks like you just need to use HTTPS instead of HTTP.

Intresting, I am using Dyndns and never thought aabout this. what is the chance that someone could actually get your password externally ? jsut tryint to gauge how much of a threat this is. I might consider using the dyndns.org client on my machine instead of the router, something you might want to consider with your zoneedit.
 
Asuswrt uses ez-ipupdate, like many other routers (including Tomato). ez-ipupdate does not support SSL.
I thought I was blanking for a minute, but I pulled out my old e3000 w/ Tomato (tomato-E3000-NVRAM60K-1.28.7483.3MIPSR2-Toastman-RT-Std) and in the DDNS drop down, there is an option to use ZoneEdit and ZoneEdit (https). The latter has worked fine for me for a long while. Screenshot attached.

I don't know anything about ez-ipupdate, but if Tomato does use it, it looks like SSL works just fine for DDNS.

Intresting, I am using Dyndns and never thought aabout this. what is the chance that someone could actually get your password externally ? jsut tryint to gauge how much of a threat this is. I might consider using the dyndns.org client on my machine instead of the router, something you might want to consider with your zoneedit.

I thought about the client route, but there were a few downsides.

1) A machine has to be on all the time
2) It uses polling (ip change lag + continuous very small bandwidth use)
3) It's yet another process running in the background all the time on a machine

Minor issues of course, but still, issues.
 

Attachments

  • tomato_ze_ssl2.png
    tomato_ze_ssl2.png
    7.2 KB · Views: 526
I thought I was blanking for a minute, but I pulled out my old e3000 w/ Tomato (tomato-E3000-NVRAM60K-1.28.7483.3MIPSR2-Toastman-RT-Std) and in the DDNS drop down, there is an option to use ZoneEdit and ZoneEdit (https). The latter has worked fine for me for a long while. Screenshot attached.

Looks like Tomato-RT uses a custom-made DynDNS updater (mdu). My bad.

The clients I listed were all available to be run directly on the router.
 
Status
Not open for further replies.

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top